Total CVEs

146,007

Critical Severity

4,294

High Severity

15,809

Last 7 Days

2,246
Quick preset (or use dates below)
Clear Filters
📅 Showing Year: 2026 (January 1 - December 31, 2026) View All Years →
Showing 24,141 - 24,160 of 42,412 CVEs
CVE-2026-5440 HIGH - 7.5

A memory exhaustion vulnerability exists in the HTTP server due to unbounded use of the `Content-Length` header. The server allocates memory directly based on the attacker supplied header value without enforcing an upper limit. A crafted HTTP request containing an extremely large `Content-Length` v...

Vendor: orthanc-server
Product: orthanc
Published: Apr 09, 2026
Source: NVD
CVE-2026-5439 HIGH - 7.5

A memory exhaustion vulnerability exists in ZIP archive processing. Orthanc automatically extracts ZIP archives uploaded to certain endpoints and trusts metadata fields describing the uncompressed size of archived files. An attacker can craft a small ZIP archive containing a forged size value, causi...

Vendor: orthanc-server
Product: orthanc
Published: Apr 09, 2026
Source: NVD
CVE-2026-5438 HIGH - 7.5

A gzip decompression bomb vulnerability exists when Orthanc processes HTTP request with `Content-Encoding: gzip`. The server does not enforce limits on decompressed size and allocates memory based on attacker-controlled compression metadata. A specially crafted gzip payload can trigger excessive mem...

Vendor: orthanc-server
Product: orthanc
Published: Apr 09, 2026
Source: NVD
CVE-2026-5437 HIGH - 7.5

An out-of-bounds read vulnerability exists in `DicomStreamReader` during DICOM meta-header parsing. When processing malformed metadata structures, the parser may read beyond the bounds of the allocated metadata buffer. Although this issue does not typically crash the server or expose data directly t...

Vendor: orthanc-server
Product: orthanc
Published: Apr 09, 2026
Source: NVD
CVE-2026-4116 HIGH - 7.2

Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication.

Published: Apr 09, 2026
Source: NVD

Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication.

Published: Apr 09, 2026
Source: NVD
CVE-2026-4113 HIGH - 7.2

An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to enumerate SSL VPN user credentials.

Published: Apr 09, 2026
Source: NVD

Improper neutralization of special elements used in an SQL command (“SQL Injection”) in SonicWall SMA1000 series appliances allows a remote authenticated attacker with read-only administrator privileges to escalate privileges to primary administrator.

Published: Apr 09, 2026
Source: NVD
CVE-2026-34757 MEDIUM - 5.1

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from png_get_PLTE, png_get_tRNS, or png_get_hIST back into the corresponding setter on the same png_stru...

Vendor: pnggroup
Product: libpng
Published: Apr 09, 2026
Source: NVD
CVE-2026-34578 HIGH - 8.2

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.6, OPNsense's LDAP authentication connector passes the login username directly into an LDAP search filter without calling ldap_escape(). An unauthenticated attacker can inject LDAP filter metacharacters into the username f...

Vendor: opnsense
Product: core
Published: Apr 09, 2026
Source: NVD
CVE-2025-70811 MEDIUM - 4.3

Cross Site Request Forgery vulnerability in Phpbb phbb3 v.3.3.15 allows a local attacker to execute arbitrary code via the Admin Control Panel icon management functionality.

Published: Apr 09, 2026
Source: NVD
CVE-2025-70810 HIGH - 8.8

Cross Site Request Forgery vulnerability in Phpbb phbb3 v.3.3.15 allows a local attacker to execute arbitrary code via the login function and the authentication mechanism

Published: Apr 09, 2026
Source: NVD
CVE-2025-62718 CRITICAL - 9.9

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0 and 0.31.0, Axios does not correctly handle hostname normalization when checking NO_PROXY rules. Requests to loopback addresses like localhost. (with a trailing dot) or [::1] (IPv6 literal) skip NO_PROXY matching and g...

Vendor: axios
Product: axios
Published: Apr 09, 2026
Source: NVD
CVE-2025-50228 CRITICAL - 9.1

Jizhicms v2.5.4 is vulnerable to Server-Side Request Forgery (SSRF) in User Evaluation, Message, and Comment modules.

Vendor: jizhicms
Product: jizhicms
Published: Apr 09, 2026
Source: NVD
CVE-2026-4660 HIGH - 7.5

HashiCorp’s go-getter library up to v1.8.5 may allow arbitrary file reads on the file system during certain git operations through a maliciously crafted URL. This vulnerability, CVE-2026-4660, is fixed in go-getter v1.8.6. This vulnerability does not affect the go-getter/v2 branch and package.

Vendor: go
Product: github.com/hashicorp/go-getter
Published: Apr 09, 2026
Source: NVD
CVE-2025-45806 MEDIUM - 6.1

A cross-site scripting (XSS) vulnerability in rrweb-snapshot before v2.0.0-alpha.18 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

Published: Apr 09, 2026
Source: NVD
CVE-2026-3005 MEDIUM - 6.4

The List category posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'catlist' shortcode in all versions up to, and including, 0.94.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...

Published: Apr 09, 2026
Source: NVD
CVE-2026-2519 MEDIUM - 5.3

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to price manipulation via the 'tips' parameter in all versions up to, and including, 27.0. This is due to the plugin trusting a user-supplied input without server-side validation against the co...

Published: Apr 09, 2026
Source: NVD

Mattermost Plugins versions <=2.1.3.0 fail to limit the request body size on the {{/changes}} webhook endpoint which allows an authenticated attacker to cause memory exhaustion and denial of service via sending an oversized JSON payload. Mattermost Advisory ID: MMSA-2026-00611

Vendor: Mattermost
Product: Mattermost
Published: Apr 09, 2026
Source: NVD

Mattermost Plugins versions <=2.3.1 fail to limit the request body size on the {{/lifecycle}} webhook endpoint which allows an authenticated attacker to cause memory exhaustion and denial of service via sending an oversized JSON payload. Mattermost Advisory ID: MMSA-2026-00610

Vendor: Mattermost
Product: Mattermost
Published: Apr 09, 2026
Source: NVD